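/**
 * Deletes the options whose IDs were posted in the CSV field `options`.
 *
 * Every submitted ID must pass GUMP's `integer` rule before any row is
 * touched, and the DELETE runs as a prepared statement with the ID bound
 * as an integer.
 *
 * NOTE(review): no permission check is visible inside this method; confirm
 * the dispatcher enforces one before this action can be reached.
 *
 * @return ActionResult B_T_FAIL when nothing valid was selected or the
 *                      statement cannot be prepared; B_T_SUCCESS when every
 *                      selected row was deleted; B_T_WARNING otherwise.
 */
public function delete()
{
    $redirect = '/admin/core/option_view';

    $posted = WebApp::post('options');
    $options = $posted === NULL ? array() : strgetcsv($posted);
    if (count($options) == 0) {
        return new ActionResult($this, $redirect, 0, 'No option(s) were selected!', B_T_FAIL);
    }

    // Reject the whole request if any single entry is not an integer.
    foreach ($options as $option) {
        $validated = GUMP::is_valid(array('opt' => $option), array('opt' => 'integer'));
        if ($validated !== true) {
            return new ActionResult($this, $redirect, 0, 'No option(s) were selected!', B_T_FAIL);
        }
    }

    $delete = $this->mySQL_w->prepare("DELETE FROM `core_options` WHERE `id`=?");
    if ($delete === false) {
        // prepare() returns false on failure; calling bind_param() on it would be a fatal error.
        return new ActionResult($this, $redirect, 0, 'Failed to delete option(s)!<br />Error: <code>Delete query failed</code>', B_T_FAIL);
    }

    $affected_rows = 0;
    foreach ($options as $id) {
        $delete->bind_param('i', $id);
        $delete->execute();
        $delete->store_result();
        $affected_rows += $delete->affected_rows;
    }

    if ($affected_rows == count($options)) {
        $this->parent->parent->logEvent($this::name_space, 'Deleted options: ' . csvgetstr($options));
        return new ActionResult($this, $redirect, 1, 'Successfully deleted selected option(s)!', B_T_SUCCESS);
    }

    // Fewer rows were removed than requested; the event is still logged with the requested IDs.
    $this->parent->parent->logEvent($this::name_space, 'Deleted some options: ' . csvgetstr($options));
    return new ActionResult($this, $redirect, 1, 'Successfully deleted ' . $affected_rows . '/' . count($options) . ' selected option(s)!<br /><small>Possible cause: <code>Unknown</code></small>', B_T_WARNING);
}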
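/**
 * Backs up the modules selected via the POST field `backups` (CSV) or, when
 * that is empty, the single module given in the GET parameter `m`.
 *
 * The caller must pass accessAdminPage(3). Every module ID must pass GUMP's
 * `integer` rule; that validation is also what keeps `$module` safe to
 * append to the backup path in the error message below.
 *
 * NOTE(review): the action can be triggered from a GET parameter; confirm
 * the framework's request-forgery protection covers this route.
 * NOTE(review): the two failure branches inside the loop return CronResult
 * while every other branch returns ActionResult; confirm callers accept both.
 *
 * @return ActionResult|CronResult
 */
public function backup()
{
    if (!$this->accessAdminPage(3)) {
        return new ActionResult($this, '/admin/modules/', 1, 'You are not allowed to do that', B_T_FAIL);
    }

    $backups = WebApp::post('backups') === NULL ? array() : strgetcsv(WebApp::post('backups'));
    if (count($backups) == 0) {
        // Fall back to a single module passed on the query string.
        $backups = WebApp::get('m') === NULL ? array() : array(WebApp::get('m'));
    }
    if (count($backups) == 0) {
        return new ActionResult($this, '/admin/modules/backup', 0, 'No module(s) were selected!', B_T_FAIL);
    }

    // Reject the whole request if any entry is not an integer.
    foreach ($backups as $candidate) {
        $validated = GUMP::is_valid(array('bk' => $candidate), array('bk' => 'integer'));
        if ($validated !== true) {
            return new ActionResult($this, '/admin/modules/backup', 0, 'No module(s) were selected!', B_T_FAIL);
        }
    }

    // One timestamped directory per run, shared by all selected modules.
    $location = __BACKUP__ . DIRECTORY_SEPARATOR . date(DATET_BKUP) . DIRECTORY_SEPARATOR;
    require_once dirname(__FILE__) . DIRECTORY_SEPARATOR . 'resources' . DIRECTORY_SEPARATOR . 'backup.php';

    // The original initialised `$result` but filled and read `$results`.
    $results = array();
    foreach ($backups as $module) {
        $backup = new Backup($this->parent);
        if (!$backup->setLocation($location)) {
            // The __BACKUP__ prefix is stripped so the message shows a path relative to the backup root.
            return new CronResult($this, false, 'Failed to create backup dir: ' . DIRECTORY_SEPARATOR . 'backup' . str_replace(__BACKUP__, '', $location . $module));
        }
        if (!$backup->setID($module)) {
            return new CronResult($this, false, 'Failed to setID for ' . $module);
        }
        $results[$module] = $backup->backup();
        unset($backup);
    }

    // Collect per-module messages; a single failed module downgrades the overall status.
    $msg = '';
    $status = true;
    foreach ($results as $ns => $data) {
        $msg .= '"' . $ns . '": ' . $data['msg'] . PHP_EOL;
        if (!$data['s']) {
            $status = false;
        }
    }

    if ($status) {
        $msg = 'Backup was completed for selected module(s)!';
        $type = B_T_SUCCESS;
    } else {
        $msg = 'Backup was completed but failed for some/all module(s). Details as follows:' . PHP_EOL . $msg;
        $type = B_T_WARNING;
    }

    $this->parent->parent->logEvent($this::name_space, 'Back up modules: ' . csvgetstr($backups));
    return new ActionResult($this, '/admin/modules/backup', 1, $msg, $type);
}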
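/**
 * Sets the same new password on every user listed in the POST field `users`
 * (CSV of user IDs), flags each account with `chgPwd`=1 and increments its
 * `pwd_reset` counter.
 *
 * The request is refused when no users are selected, the password is blank,
 * the two password fields differ, or any selected user has primary group 1
 * and the acting user is not in group 1.
 *
 * The stored value is `<pwd_hash output>:<ranHash output>`, with a fresh
 * ranHash() value per user.
 *
 * NOTE(review): pwd_hash() and ranHash() are defined elsewhere; confirm they
 * implement a slow, salted password hash rather than a fast digest.
 * NOTE(review): no permission check other than the group-1 guard is visible
 * in this method; confirm the dispatcher enforces one.
 * NOTE(review): the group-1 refusal redirects to '/admin/user/group_view'
 * while every other branch uses '/admin/user/user_view'; confirm this is
 * intended.
 *
 * @return ActionResult
 */
function setpassword()
{
    $n_pwd = WebApp::post('n_pwd') === NULL ? '' : WebApp::post('n_pwd');
    $n_pwd_c = WebApp::post('c_pwd') === NULL ? '' : WebApp::post('c_pwd');
    $users = WebApp::post('users') === NULL ? array() : strgetcsv(WebApp::post('users'));

    if (count($users) == 0) {
        return new ActionResult($this, '/admin/user/user_view', 0, 'Failed to set passwords.<br />Error: <code>No users were selected</code>', B_T_FAIL);
    }
    if ($n_pwd == '') {
        return new ActionResult($this, '/admin/user/user_view', 0, 'Failed to set passwords.<br />Error: <code>Password cannot be blank</code>', B_T_FAIL);
    }
    // Strict comparison: with `!=` PHP compares numeric-looking strings as
    // numbers, so two different confirmation strings could be treated as equal.
    if ($n_pwd !== $n_pwd_c) {
        return new ActionResult($this, '/admin/user/user_view', 0, 'Failed to set passwords.<br />Error: <code>New passwords must match</code>', B_T_FAIL);
    }

    $userCtrl = $this->parent->parent->user;

    $check_query = $this->mySQL_w->prepare("SELECT `p_group` FROM `core_users` WHERE `id`=?");
    if ($check_query === false) {
        return new ActionResult($this, '/admin/user/user_view', 0, 'Failed to set passwords!<br />Error: <code>Check query failed</code>', B_T_FAIL);
    }

    // First pass: refuse the whole batch if it contains a group-1 account the actor may not touch.
    foreach ($users as $UID) {
        // Reset so a lookup that returns no row cannot reuse the previous user's group.
        $p_group = null;
        $check_query->bind_param('i', $UID);
        $check_query->execute();
        $check_query->bind_result($p_group);
        $check_query->fetch();
        if ($p_group == 1 && !$userCtrl->inGroup(1)) {
            $this->parent->parent->logEvent($this::name_space, 'Tried to set password on a Super Admin');
            return new ActionResult($this, '/admin/user/group_view', 0, 'Failed to set password for user!<br />Error: <code>You cannot set the password for a Super Administrator</code>', B_T_FAIL);
        }
    }
    $check_query->free_result();

    $update_query = $this->mySQL_w->prepare("UPDATE `core_users` SET `pass`=?, `chgPwd`=1, `pwd_reset`=`pwd_reset`+1 WHERE `id`=?");
    if ($update_query === false) {
        return new ActionResult($this, '/admin/user/user_view', 0, 'Failed to set passwords!<br />Error: <code>Update query failed</code>', B_T_FAIL);
    }

    // Second pass: write a separately salted hash for each user.
    $affected_rows = 0;
    foreach ($users as $UID) {
        $hash = $userCtrl->ranHash();
        $new_pwd = $userCtrl->pwd_hash($n_pwd, $hash) . ':' . $hash;
        $update_query->bind_param('si', $new_pwd, $UID);
        $update_query->execute();
        $update_query->store_result();
        $affected_rows += $update_query->affected_rows;
    }

    if ($affected_rows == count($users)) {
        $this->parent->parent->logEvent($this::name_space, 'Set new password for users ' . csvgetstr($users));
        return new ActionResult($this, '/admin/user/user_view', 1, 'Successfully set password for selected user(s)!', B_T_SUCCESS);
    }

    $this->parent->parent->logEvent($this::name_space, 'Set new password for some users ' . csvgetstr($users));
    return new ActionResult($this, '/admin/user/user_view', 1, 'Successfully set password for ' . $affected_rows . '/' . count($users) . ' selected user(s)!<br /><small>Possible cause: <code>Unknown</code></small>', B_T_WARNING);
}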
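/**
 * Disables (`en`=0) the groups listed in the POST field `groups` or, when
 * that is empty, in the GET parameter `g` (both CSV lists of group IDs).
 *
 * The whole request is refused when any selected group is one the acting
 * user belongs to, or when any ID is below 1000 and the acting user is not
 * in group 1.
 *
 * NOTE(review): the action can be triggered from a GET parameter; confirm
 * the framework's request-forgery protection covers this route.
 * NOTE(review): no page-level permission check is visible in this method;
 * confirm the dispatcher enforces one.
 *
 * @return ActionResult
 */
function disable()
{
    $groups = WebApp::post('groups') === NULL ? array() : strgetcsv(WebApp::post('groups'));
    if (count($groups) == 0) {
        $groups = WebApp::get('g') === NULL ? array() : strgetcsv(WebApp::get('g'));
    }
    if (count($groups) == 0) {
        return new ActionResult($this, '/admin/user/group_view', 0, 'No group(s) were selected!', B_T_FAIL);
    }

    // Require integer IDs up front. The `< 1000` guard below compares the
    // submitted value, while bind_param('i') casts it; validating first
    // guarantees both operate on the same integer.
    foreach ($groups as $GID) {
        if (filter_var($GID, FILTER_VALIDATE_INT) === false) {
            return new ActionResult($this, '/admin/user/group_view', 0, 'No group(s) were selected!', B_T_FAIL);
        }
    }

    $update_query = $this->mySQL_w->prepare("UPDATE `core_groups` SET `en`=0 WHERE `GID`=?");
    if ($update_query === false) {
        // prepare() returns false on failure; calling bind_param() on it would be a fatal error.
        return new ActionResult($this, '/admin/user/group_view', 0, 'Failed to disable group!<br />Error: <code>Update query failed</code>', B_T_FAIL);
    }

    // Authorisation pass: nothing is written unless every selected group passes.
    foreach ($groups as $GID) {
        if ($this->inGroup($GID, false, false)) {
            $this->parent->parent->logEvent($this::name_space, 'Tried to disable own group');
            return new ActionResult($this, '/admin/user/group_view', 0, 'Failed to disable group!<br />Error: <code>Cannot disable a group that you are a member of</code>', B_T_FAIL);
        }
        if ($GID < 1000 && !$this->inGroup(1)) {
            $this->parent->parent->logEvent($this::name_space, 'Tried to disable core group');
            return new ActionResult($this, '/admin/user/group_view', 0, 'Failed to disable group!<br />Error: <code>Cannot disable a core group</code>', B_T_FAIL);
        }
    }

    $affected_rows = 0;
    foreach ($groups as $GID) {
        $update_query->bind_param('i', $GID);
        $update_query->execute();
        $update_query->store_result();
        $affected_rows += $update_query->affected_rows;
    }

    if ($affected_rows == count($groups)) {
        $this->parent->parent->logEvent($this::name_space, 'Disabled groups ' . csvgetstr($groups));
        return new ActionResult($this, '/admin/user/group_view', 1, 'Successfully disabled selected group(s)!', B_T_SUCCESS);
    }

    $this->parent->parent->logEvent($this::name_space, 'Disabled some of groups ' . csvgetstr($groups));
    return new ActionResult($this, '/admin/user/group_view', 1, 'Successfully disabled ' . $affected_rows . '/' . count($groups) . ' selected group(s)!<br /><small>Possible cause: <code>Group was already disabled</code></small>', B_T_WARNING);
}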
$checkPwd .= ' if(document.getElementById("user_edit::n_pwd").value.length!=0){' . PHP_EOL; $checkPwd .= ' var conf = confirm("Are you sure you wish to set the user\'s password?");' . PHP_EOL; $checkPwd .= ' if(conf){' . PHP_EOL; $checkPwd .= ' return true;' . PHP_EOL; $checkPwd .= ' }else{' . PHP_EOL; $checkPwd .= ' return false;' . PHP_EOL; $checkPwd .= ' }' . PHP_EOL; $checkPwd .= ' }else{' . PHP_EOL; $checkPwd .= ' return true;' . PHP_EOL; $checkPwd .= ' }' . PHP_EOL; $checkPwd .= '}' . PHP_EOL; $closeBtn = array('a' => array('t' => 'url', 'a' => '../user_view'), 'ic' => 'remove-sign'); $saveBtn = array('s' => B_T_SUCCESS, 'a' => array('t' => 'url', 'a' => '#', 'oc' => 'processForm(\'user_edit\', this, \'save\', \'checkPwd\')'), 'ic' => 'floppy-disk'); $applyBtn = array('s' => B_T_PRIMARY, 'a' => array('t' => 'url', 'a' => '#', 'oc' => 'processForm(\'user_edit\', this, \'apply\', \'checkPwd\')'), 'ic' => 'ok-sign'); $form = $page->getPlugin('form', array('user_edit', WebApp::action('user', 'user_edit', true), 'post')); $form->setColumns(3, 9)->setIndent(' ')->addHTML('<br />')->addScript($checkPwd)->addTextField('User ID', 'id', $ID, array('t' => 'ID of User.', 'p' => 'ID'), array('ro' => true, 'd' => false))->addTextField('First Name', 'f_name', $f_name, array('t' => 'First Name of User.', 'p' => 'First Name'), array('v' => true, 'vm' => array('textfieldRequiredMsg' => array('m' => 'A First Name is required.', 's' => 'danger'), 'textfieldMinCharsMsg' => array('m' => 'A First Name is required.', 's' => 'danger'), 'textfieldMaxCharsMsg' => array('m' => 'First Name is limited to 100 characters.', 's' => 'danger')), 'vo' => 'minChars: 0, maxChars: 100, validateOn:["blur"]', 'd' => false, 'r' => true))->addTextField('Surname', 's_name', $s_name, array('t' => 'Surname of User.', 'p' => 'Surname'), array('v' => true, 'vm' => array('textfieldRequiredMsg' => array('m' => 'A Surname is required.', 's' => 'danger'), 'textfieldMinCharsMsg' => array('m' => 'A Surname is 
required.', 's' => 'danger'), 'textfieldMaxCharsMsg' => array('m' => 'Surname is limited to 100 characters.', 's' => 'danger')), 'vo' => 'minChars: 0, maxChars: 100, validateOn:["blur"]', 'd' => false, 'r' => true))->addTextField('Username', 'username', $username, array('t' => 'Username. Used for logging in and identifying user.', 'p' => 'Username'), array('v' => false, 'd' => false, 'ro' => true))->addTextField('Email Address', 'email', $email, array('t' => 'Email Address. (Unique)', 'p' => '*****@*****.**'), array('t' => 'email', 'v' => true, 'vm' => array('textfieldRequiredMsg' => array('m' => 'An email is required.', 's' => 'danger'), 'textfieldInvalidFormatMsg' => array('m' => 'Not a valid email address.', 's' => 'danger')), 'vo' => 'validateOn:["blur","change"]', 'd' => false, 'r' => true))->addPasswordField('New Password', 'n_pwd', '', array('t' => 'Change the user\'s password', 'p' => 'New Password'), array('t' => 'password', 'v' => true, 'w' => true, 'r' => false))->addTextField('Confirm Password', 'c_pwd', '', array('t' => 'Confirm user\'s new password.', 'p' => 'Confirm Password'), array('t' => 'password', 'vt' => 'confirm', 'v' => true, 'vm' => array('confirmInvalidMsg' => array('m' => 'Passwords do not match.', 's' => 'danger')), 'vc' => 'user_edit\\:\\:n_pwd', 'vo' => 'validateOn:["blur", "change"]'))->addTextField('Pasword Changes', 'pwd_chgs', $pwd_reset, array('t' => 'Number of times user has had their password changed.'), array('ro' => true))->addButtonGroup('Change Password', 'chgPwd', array(array('i' => 'chgPwdY', 's' => B_T_SUCCESS, 'v' => 1, 'l' => 'Yes', 'c' => $chgPwd), array('i' => 'chgPwdN', 's' => B_T_FAIL, 'v' => 0, 'l' => 'No', 'c' => not($chgPwd))), array('t' => 'Must user change password next time they request a page?'))->addButtonGroup('Enabled', 'enabled', array(array('i' => 'enabledY', 's' => B_T_SUCCESS, 'v' => 1, 'l' => 'Yes', 'c' => $enabled), array('i' => 'enabledN', 's' => B_T_FAIL, 'v' => 0, 'l' => 'No', 'c' => 
not($enabled))), array('t' => 'Disabling a user automatically logs them out and they cannot log back in.'))->addButtonGroup('Activated', 'active', array(array('i' => 'activeY', 's' => B_T_SUCCESS, 'v' => 1, 'l' => 'Yes', 'c' => $activated), array('i' => 'activeN', 's' => B_T_FAIL, 'v' => 0, 'l' => 'No', 'c' => not($activated))), array('t' => 'Has the user activated their account yet?'), array('d' => true))->addSelect('Primary Group', 'p_group', $p_groups, array('t' => 'The user\'s primary group from which add extra privileges can be added.'), array('v' => true, 'vm' => array('selectRequiredMsg' => array('m' => 'A primary group is required.', 's' => 'danger')), 'vo' => 'validateOn:["blur"]', 'r' => true))->addSelect2('Secondary Groups', 's_group', csvgetstr($s_group_IDs), array('t' => 'The user\'s secondary groups which add extra privileges.'), array('r' => true))->addBtnLine(array('close' => $closeBtn, 'save' => $saveBtn, 'apply' => $applyBtn)); $form->build(); $session_query = $this->mySQL_r->prepare("SELECT `id`, `created`, INET_NTOA(`IP`), `lpr` FROM `core_sessions` WHERE `user`=?"); $session_query->bind_param('i', $ID); $session_query->bind_result($sessID, $sessCreate, $sessIP, $sessLPR); $session_query->execute(); $session_query->store_result(); $table = $page->getPlugin('table', array('sessions')); $table->setIndent(' ')->addClass('table-bordered')->addClass('table-hover')->addClass('table-striped'); $thead = array(); $thead['ID'] = Table::addTHeadCell('ID'); $thead['Created'] = Table::addTHeadCell('Created'); $thead['IP'] = Table::addTHeadCell('IP'); $thead['LPR'] = Table::addTHeadCell('Last Page Request'); if ($this->accessAdminPage(20)) { $thead['destroy'] = Table::addTHeadCell('');
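/**
 * Deletes the locations whose IDs were posted in the CSV field `locations`.
 *
 * Each ID is first looked up; if any one does not match exactly one row the
 * whole request is refused before anything is deleted. Both the lookup and
 * the DELETE are prepared statements with the ID bound as an integer.
 *
 * NOTE(review): no permission check is visible inside this method; confirm
 * the dispatcher enforces one before this action can be reached.
 *
 * @return ActionResult
 */
function delete()
{
    $locations = WebApp::post('locations') === NULL ? array() : strgetcsv(WebApp::post('locations'));
    if (count($locations) == 0) {
        return new ActionResult($this, '/admin/location', 0, 'No locations(s) were selected!', B_T_FAIL, array('form' => array('pwd' => '')));
    }

    $check_query = $this->mySQL_w->prepare("SELECT `ID` FROM `location` WHERE `ID`=?");
    if ($check_query === false) {
        return new ActionResult($this, '/admin/location', 0, 'Failed to delete location(s)!<br />Error: <code>Check query failed</code>', B_T_FAIL);
    }

    // Existence pass: abort before deleting anything if one ID is unknown.
    foreach ($locations as $ID) {
        $check_query->bind_param('i', $ID);
        $check_query->execute();
        $check_query->store_result();
        if ($check_query->num_rows != 1) {
            return new ActionResult($this, '/admin/location', 1, 'Failed to delete location(s)!<br />Error: <code>Location doesn\'t exist</code>', B_T_INFO);
        }
    }
    $check_query->free_result();

    $delete_query = $this->mySQL_w->prepare("DELETE FROM `location` WHERE `id`=?");
    if ($delete_query === false) {
        // The original message here read "Failed delete ... Update query failed",
        // which named the wrong statement; it now names the DELETE.
        return new ActionResult($this, '/admin/location', 0, 'Failed to delete location(s)!<br />Error: <code>Delete query failed</code>', B_T_FAIL);
    }

    $affected_rows = 0;
    foreach ($locations as $ID) {
        $delete_query->bind_param('i', $ID);
        $delete_query->execute();
        $delete_query->store_result();
        $affected_rows += $delete_query->affected_rows;
    }

    if ($affected_rows == count($locations)) {
        $this->parent->parent->logEvent($this::name_space, 'Deleted ' . csvgetstr($locations));
        return new ActionResult($this, '/admin/location', 1, 'Successfully deleted selected location(s)!', B_T_SUCCESS);
    }

    $this->parent->parent->logEvent($this::name_space, 'Deleted some of ' . csvgetstr($locations));
    return new ActionResult($this, '/admin/location', 1, 'Successfully deleted ' . $affected_rows . '/' . count($locations) . ' selected location(s)!<br /><small>Possible cause: <code>Location with that ID may not exist</code></small>', B_T_WARNING);
}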
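/**
 * Stores a document list on a `comp_meet` row and sets its `wizStat` to 3.
 *
 * Requires the global `$user` to pass accessPage(60). The row is looked up on
 * the read connection and updated on the write connection inside an explicit
 * transaction.
 *
 * Fixes relative to the original:
 *  - autocommit was switched off on the read connection (`mySQL['r']`) while
 *    commit/rollback ran on the write connection, so the rollback could not
 *    undo the UPDATE and the read connection was left with autocommit off;
 *  - the success result returned the undefined `$ID` instead of `$id`.
 *
 * @param mixed $id         ID of the `comp_meet` row (bound as a string).
 * @param mixed $docs_array Values passed to csvgetstr() to build the `docs` column.
 *
 * @return array|int array('res' => 0, 'id' => $id) on success, otherwise
 *                   1 = UPDATE did not affect exactly one row (rolled back),
 *                   2 = UPDATE statement could not be prepared,
 *                   3 = no single `comp_meet` row with that ID,
 *                   4 = access denied.
 */
function add_Comp_docs($id, $docs_array)
{
    global $user;

    if (!$user->accessPage(60)) {
        return 4;
    }

    $query = $this->mySQL['r']->prepare("SELECT `ID` from `comp_meet` WHERE `ID`=?");
    $query->bind_param('s', $id);
    $query->execute();
    $query->store_result();
    if ($query->num_rows != 1) {
        return 3;
    }

    $docs = csvgetstr($docs_array);

    // Open the transaction on the connection that performs the write.
    $this->mySQL['w']->autocommit(false);
    $stmt = $this->mySQL['w']->prepare("UPDATE `comp_meet` SET `docs`=?,`wizStat`=3 WHERE `ID`=?");
    if ($stmt === false) {
        $this->mySQL['w']->autocommit(true);
        return 2;
    }

    $stmt->bind_param('ss', $docs, $id);
    $stmt->execute();
    $stmt->store_result();

    if ($stmt->affected_rows == 1) {
        $this->mySQL['w']->commit();
        $this->mySQL['w']->autocommit(true);
        return array('res' => 0, 'id' => $id);
    }

    $this->mySQL['w']->rollback();
    $this->mySQL['w']->autocommit(true);
    return 1;
}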